package com.ef.web.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.ef.constant.SystemContant;

/**
 * 用户登录过滤器。
 * 
 * @author 金峰
 * @version 2009-9-1
 */
public class SecurityFilter implements Filter {

	public void destroy() {
	}

	public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
		HttpServletRequest request = (HttpServletRequest) req;
		HttpServletResponse response = (HttpServletResponse) res;
		HttpSession session = request.getSession();

		Object emp = session.getAttribute(SystemContant.CURRENT_USER);
		String uri = request.getRequestURI();
		// 用户没有登录
		if (emp == null) {
			if (uri.indexOf(".js") > 0 
					|| uri.indexOf(".css") > 0 
					|| uri.indexOf(".jpg") > 0
					|| uri.indexOf("login") > 0 
					|| uri.indexOf("imageRnd") > 0
					|| uri.indexOf("exteriorDownloadInit") > 0
					|| uri.indexOf("exteriorDownloadFile") > 0
					|| uri.indexOf("monitor") > 0) {
				
				chain.doFilter(req, res);
			} else {
				response.sendRedirect(request.getContextPath() + "/login.jsp");
			}
			
			// 用户已经登录
		} else {
			chain.doFilter(req, res);
		}
	}

	public void init(FilterConfig arg0) throws ServletException {
	}
}
